{"report_id":"92b50e1c-d208-4e0c-aea0-690ee9bed799","version":0,"status":"done","tags":[],"date":"2026-07-05T16:55:37Z","url":{"schema":"http","addr":"go-yuyan.com.cn/","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"final":{"url":{"schema":"https","addr":"go-yuyan.com.cn/","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"title":"全球体育赛事数字转播与传媒矩阵","dom":{"size":19970,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"5920a4f7ca0a2a62579519c138c82682","sha1":"adc77fbafa726d0ef06414427271f1fc13556927","sha256":"a788a96c468ee814ad89448b41c449e9ec6838c9947228c0390d7b4895a2042f","sha512":"84cf7b0d4e3aaee0cfc36eff806f8fd2f8e23acf2cb1b393f4d47b87d178a7d87c8eeaab633be391157646086a0c88aa0caa0237e5c84f2aafa620da1c32be08","ssdeep":"384:SPszc7LucyuV0Pxmz1JTW/JTW/JTWd8ctI6DXKNukBF:r47icyuVwxmzHOOi8ctI6DXKN13","tlshash":"9592d63161d2056a7463a184afe39b5f73b5e107d40a853dbadd2280cfceeebcd52609","dom_hash":"domhash365ef3b38a9716f8cc287a4f5d51c3fa","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"go-yuyan.com.cn/","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":0,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-08-09T16:55:37Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"qguvgzjxzsgb3vs"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"cheng288888.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"go-yuyan.com.cn","ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":9,"request_count":9,"received_data":82624,"sent_data":5477,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"kaikai168.cn","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2024-05-15","domain_rank":0,"first_seen":"2025-09-11T21:25:12.032513Z","last_seen":"2026-06-29T08:43:42.546809Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":459,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cheng288888.com","ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2026-06-06","domain_rank":0,"first_seen":"2026-06-17T18:04:41.71786Z","last_seen":"2026-06-17T18:04:41.71786Z","alert_count":1,"request_count":1,"received_data":0,"sent_data":460,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"go-yuyan.com.cn/","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"29be562dd8f1659c440333980c2ea361","sha1":"4e9fadc5c9a445ef1b7335f807c18eae22ca820a","sha256":"dab8a3265fd84b5525b1a02a995776c97eb6f805f238933655c0c9ba4f585afc","sha512":"1b9c9f5dcbf71cbd18a327c02cc5418f3cdf3c0a2effad147bce0c3e7cbb6301a3da9c46c956e63fcfae6fa899ec75739aa83dd98be6339fc88952e6e8589732","ssdeep":"","tlshash":"930149ae9b76008da5e3761dd7af820165e900db4a11c007b95ce841af4e90b48f95e5","size":697,"data":"","first_seen":"2026-06-11T01:14:23.404499Z","last_seen":"2026-07-05T16:55:47.081384Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"0bef2edf104d39db36611e5aeff07494","sha1":"0110480590b76baedfc6f14748be63815c18254f","sha256":"32adeaf357d1f6f12a008f888bb221cc1eea1e305624f9d9c93761d7df9eddf8","sha512":"0874d8daccca152b7c97e3e1e18b5180dfc854c8a453d0defc456309987ded534ee1145647413068959783c73559a8fab39c7eaef63eafee22c5df6d6fe42ddc","ssdeep":"","tlshash":"1af0e16019ae7a7fb37c102a6cb99d2a30f714192080d1434f8cf5251ab1bc6cf987d4","size":595,"data":"","first_seen":"2026-06-11T01:14:23.40247Z","last_seen":"2026-07-05T16:55:47.08204Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"introduction_type":"scriptElement","is_inline":true,"md5":"55072504d825d76c96500eaaa766c303","sha1":"0e31510f6c8116f93ea1638bb780723ef21d83bf","sha256":"2078f2ad6864f22e6020c5330d149f7ade08250bdae9e8a265d18436c0879345","sha512":"a760c43bfd1cceaa957e30e4b53599979c668e91d91ebd30947be66a1ac2b6a5d50aa0c6a0f34aeef8a24c0bb8c1bb36c751dc01877b1283cc9985d36f784a43","ssdeep":"","tlshash":"7ed02b1d6eb39038d45284632a7af22121a9a02718d5c00da2c89c1cad98f569c4d9f0","size":272,"data":"","first_seen":"2026-06-11T01:14:23.403452Z","last_seen":"2026-07-05T16:55:47.082762Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"subdocument","requested_by":"https://go-yuyan.com.cn/","date":"2026-07-05T16:55:23.740Z","timestamp":1783270523740,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/index.php HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: iframe\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPriority: u=4\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nx-robots-tag: noindex, nofollow, noarchive\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":20810,"size_decoded":5218,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text","md5":"b6e6733cf3546df72787ecb1d23d4171","sha1":"183628d76da8c5c577ad455896035952c46b4b3f","sha256":"092dd459cf7e9c233d4b58cf36431b47a6a192762be492e12401646472b451d0","sha512":"6f3d43fadbf7484fac631f92099010693f6d5d7c533f6890ec61ca342fdbde63f57048d0dfd22f02417ada8f49345d3d4e8566e8061c0c23819c1625ef46b45f","ssdeep":"192:2PW6z2za9TfUMbMSb6HKJ7LulMAIYRxGdJJDyaxhgEWvelMQXVDtbTkttB6nOQhA:2Przj7LucyuV0PxmzAtt2d6DXKNukBM","tlshash":"6692b72251a105666423a1946fe29b7f73b6e103c00a913d7add2285cfceeebdd63609","first_seen":"2026-06-11T01:14:23.400459Z","last_seen":"2026-07-05T16:55:47.073129Z","times_seen":4,"resource_available":false,"data":null}},"time_used":203,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":203,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/favicon.ico","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/","date":"2026-07-05T16:55:23.758Z","timestamp":1783270523758,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=6\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3397,"size_decoded":2081,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"75e09569be04ed981bf768897071cd6c","sha1":"967a23a55448dad0aadc31de2a8aea1913f1b5ab","sha256":"0a5b1f401ac2dc27c63b8a86f5944a6dfc5e98965a16462ca16caadfc4ff58d4","sha512":"0ea0855ab79b0edb0359a851df290316105c19cf102ef80987b75a2322367714863a36336a25d63055a1eabe06143eb879bc0c30c28c812e96c90128f9cbbfb4","ssdeep":"","tlshash":"f761b55b53241808a0bb9738fb21c3c5a59a81d3c3078775fe86621bcacc1228ef5798","first_seen":"2026-06-12T14:37:58.745514Z","last_seen":"2026-07-05T16:55:47.074006Z","times_seen":13,"resource_available":true,"data":null}},"time_used":392,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":392,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/ky.png?v=1","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.968Z","timestamp":1783270523968,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/ky.png?v=1 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-3ace\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15054,"size_decoded":15344,"mime_type":"image/png","magic":"PNG image data, 814 x 200, 8-bit colormap, non-interlaced","md5":"5bdb83ec9f353d69c2ebc9c36cef090e","sha1":"e3a542a5b41ab05a8a444c3f106186806d1f025e","sha256":"fc148ba9a62f11da475123e65ced85cb59d9715e2c202655e4322942803bde0e","sha512":"465c1eb28d8641c930c163efdafb203a10dd280eb47d5fdc121459bc243309ee18c8fd5f1162bc39402ee416d6ad4034a83253195d5961633a23620a6dfcc261","ssdeep":"192:JpKA2giu6cjK+61eWj17lwRm+M2HtS7NGO+bgJvlClT+ehacY7qZFimlLKztvuBJ:Xk+6Jx7lwRmCpOPJ4T1oulZwtHa","tlshash":"1e62d1c3420996a3fe3624fc31850bada934fcbe5411f725d621758fc9f4aa34c9191e","first_seen":"2023-09-17T16:12:24Z","last_seen":"2026-07-05T18:10:28.270177Z","times_seen":3301,"resource_available":false,"data":null}},"time_used":383,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":383,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/jy.png?v=2","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.970Z","timestamp":1783270523970,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/jy.png?v=2 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-ded\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":3565,"size_decoded":3882,"mime_type":"image/png","magic":"PNG image data, 280 x 104, 8-bit colormap, non-interlaced","md5":"6f189fd1e6a58470d23e4c7e4d1a5c8b","sha1":"002f9b0a3531228775689c1d4ef71c426bd1aece","sha256":"975a4bf70ebd1b9a7e230d72b683b2d2a12a67c42d79b470cf443c416bf6fbfe","sha512":"c36f28e29c18c22f058a8dfc2ab238daff33806cb23c7426ff7903ba6263ee9edf2d1bea4f59c7858dc934c0d6213a9c56a7f7403da97714ed8689a57191a4c9","ssdeep":"","tlshash":"aa713be2a27c28a4348584e7449a8fca60579e175908d226c0407e31fd7eb76d6aa729","first_seen":"2024-05-04T09:34:06Z","last_seen":"2026-07-05T16:55:47.075458Z","times_seen":421,"resource_available":false,"data":null}},"time_used":397,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/mk.png?v=4","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.974Z","timestamp":1783270523974,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/mk.png?v=4 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-1dfc\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7676,"size_decoded":7796,"mime_type":"image/png","magic":"PNG image data, 480 x 160, 8-bit colormap, non-interlaced","md5":"6223ed70b4b795e8a232dbd56564b900","sha1":"950eee548da241a63824f15da562e1da4c651d6e","sha256":"27173ba21b816364584f8576742a0756d2e4b40ed644a47f67697b9cd5792533","sha512":"51123d69ded00be03f46820097c9e3c95f58c4c089dd6dfa29b058902e944584b7a1de7486eee4052709c9bf83e7f52a766f87ecbca39420f0d375f91fe34efc","ssdeep":"192:LxTy94B3I9R3J9GtAzhAaOW5fBXyKsbFcotC/Mh:1TyOp2R3JktybxqKjjkh","tlshash":"abf1af9a41bb5a2005c7663d40413e91fbbcbe0d9fc718a1e6893641a0f947b1bfe6f4","first_seen":"2025-09-01T21:55:54.629053Z","last_seen":"2026-07-05T16:55:47.076161Z","times_seen":187,"resource_available":false,"data":null}},"time_used":582,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":582,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/ayx.png?v=686","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.976Z","timestamp":1783270523976,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/ayx.png?v=686 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-16d9\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5849,"size_decoded":6179,"mime_type":"image/png","magic":"PNG image data, 216 x 86, 8-bit colormap, non-interlaced","md5":"893f767c5c87c8602b3ac59f85396000","sha1":"24bd980ebbb23bace78f5ba3f16aab10bd2a6ed0","sha256":"42666954b6fab0a9be2310a0448fbaa0334d7f1fcb9c87e27599f1115aed69ff","sha512":"f3f7cd4706df6bc960a6c86bb7c36b729c396bd9f1ded213a9b34bd8c5b515d0abd2ff8afcf42da3c755ef4ba687729d4d3a0b7adadddf892e650d506a470e8e","ssdeep":"96:0evY5KNnrn1QWNL5HAQMEpu94G91DGHHyFXJoiyZvUoA/hMkkDDWBytodVQbyvkL:0Or1JLeVgHSqBMikkf4GL","tlshash":"c3c18d876fb678a1b31b3f994afff34699b46e7892520471ca0cd0aa1564a36a0401cb","first_seen":"2023-12-08T20:36:55Z","last_seen":"2026-07-05T18:10:28.349663Z","times_seen":1100,"resource_available":false,"data":null}},"time_used":580,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":580,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/ly.png?v=6","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.978Z","timestamp":1783270523978,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/ly.png?v=6 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-1733\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":5939,"size_decoded":6210,"mime_type":"image/png","magic":"PNG image data, 250 x 100, 8-bit colormap, non-interlaced","md5":"0766823d7d695ab7be2022a7856ba852","sha1":"8784e00785274e6a63bc8f83461d4786953b6e76","sha256":"a0f09589fdb876045b3ff19713921db68e488d1a853ac7d3872241f9bf624594","sha512":"0ab9505feb5f8a8312f9ae3ebf10a1131b37b5e545e663df68a7f941b597a3ab5c9c14bad11c74b3bd54b5e20347249e673a99e1449db46b6e23c3218d38f764","ssdeep":"96:tWaPv1GR74oIl25kQN0Fw731k8PFwrD2oX6cHuvQoAD7uvsk9wzibJD9msveFW/5:UaPgR77Il25SmRkfrz6cOvQouukJqxmE","tlshash":"42c19fd6184a5a61e142090fd4a8ea0cf8f4f15fe6dc26e4df5c8ad787c3cc85be5184","first_seen":"2024-06-11T19:41:23Z","last_seen":"2026-07-05T18:10:28.255741Z","times_seen":2948,"resource_available":false,"data":null}},"time_used":599,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":599,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"kaikai168.cn/matomo/matomo.js","fqdn":"kaikai168.cn","domain":"kaikai168.cn","tld":"cn"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.982Z","timestamp":1783270523982,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /matomo/matomo.js HTTP/1.1\r\nHost: kaikai168.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-05T19:00:52.27464Z","times_seen":17010185,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-07-05T16:55:04.607Z","timestamp":1783270504607,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: none\r\nPriority: u=0, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:09 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nvary: Accept-Encoding\r\nset-cookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e; Max-Age=864000; httponly; path=/\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3397,"size_decoded":2185,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with CRLF line terminators","md5":"75e09569be04ed981bf768897071cd6c","sha1":"967a23a55448dad0aadc31de2a8aea1913f1b5ab","sha256":"0a5b1f401ac2dc27c63b8a86f5944a6dfc5e98965a16462ca16caadfc4ff58d4","sha512":"0ea0855ab79b0edb0359a851df290316105c19cf102ef80987b75a2322367714863a36336a25d63055a1eabe06143eb879bc0c30c28c812e96c90128f9cbbfb4","ssdeep":"","tlshash":"f761b55b53241808a0bb9738fb21c3c5a59a81d3c3078775fe86621bcacc1228ef5798","first_seen":"2026-06-12T14:37:58.745514Z","last_seen":"2026-07-05T16:55:47.074006Z","times_seen":13,"resource_available":true,"data":null}},"time_used":33484,"timings":{"blocked":-1,"dns":15641,"connect":16848,"send":0,"wait":397,"receive":-1,"ssl":598},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"go-yuyan.com.cn/xt9842_sport_matrix_v4/img/hth.png?v=3","fqdn":"go-yuyan.com.cn","domain":"go-yuyan.com.cn","tld":"com.cn"},"ip":{"addr":"191.214.50.3","port":443,"asn":7738,"as":"V tal","country":"Brazil","country_code":"BR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.972Z","timestamp":1783270523972,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"go-yuyan.com.cn","organization":""},"issuer":{"commonName":"YE2","organization":"Let's Encrypt"},"validity":{"start":"Thu, 25 Jun 2026 00:42:18 GMT","end":"Wed, 23 Sep 2026 00:42:17 GMT"},"fingerprint":{"sha1":"08:2E:9F:FB:46:6D:2E:0A:54:B0:29:91:E6:EA:E0:D6:C6:C7:D8:44","sha256":"D0:F4:47:BC:82:CD:0B:B6:3C:89:15:13:AB:EC:BA:4F:97:46:73:82:09:FC:FC:E9:7D:CC:9D:66:25:74:A2:C4"}}},"request":{"raw":"GET /xt9842_sport_matrix_v4/img/hth.png?v=3 HTTP/1.1\r\nHost: go-yuyan.com.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php\r\nCookie: server_session_ca897cda=f18b0e9831c9699ab47e027daf6e737e\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPriority: u=5, i\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 \r\nserver: nginx\r\ndate: Sun, 05 Jul 2026 16:55:10 GMT\r\ncontent-type: image/png\r\nlast-modified: Sat, 04 Jul 2026 08:21:34 GMT\r\nvary: Accept-Encoding\r\netag: W/\"6a48c28e-36e3\"\r\nexpires: Tue, 04 Aug 2026 16:55:10 GMT\r\ncache-control: max-age=2592000\r\nstrict-transport-security: max-age=31536000\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14051,"size_decoded":14426,"mime_type":"image/png","magic":"PNG image data, 216 x 86, 8-bit/color RGBA, non-interlaced","md5":"f76d19b21d820e099c05cae46c66e7af","sha1":"9952c3e4735b61fd350da83a7e995a6d4f207bb9","sha256":"07f8e204442d2ceb6807d3a1351b4dcc1495d265200d3146926e6abbb3a5e26f","sha512":"8d89525620c9999ee4996d7c49e5cac7b006d5661257b5e1ce929379ffedba73ce170a92dc339f9800593bfec97d2a82d033ece0634060beb2d644a0c999be55","ssdeep":"384:n4f9JHkdR2mk8A0xD3smcrmoAjYx4uV9+xCVm:nKHMR2mkLmD3QKXE4uVgxL","tlshash":"0c52d087c1c293ffe28999ebe18903e045fb27f55c4bf5925607e5542083b74e929ca3","first_seen":"2025-03-15T05:30:07.25686Z","last_seen":"2026-07-05T16:55:47.080629Z","times_seen":363,"resource_available":false,"data":null}},"time_used":396,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":396,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"go-yuyan.com.cn","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"cheng288888.com/link.js?546455","fqdn":"cheng288888.com","domain":"cheng288888.com","tld":"com"},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://go-yuyan.com.cn/xt9842_sport_matrix_v4/index.php","date":"2026-07-05T16:55:23.985Z","timestamp":1783270523985,"http_version":"","security_state":"","security_info":null,"request":{"raw":"GET /link.js?546455 HTTP/1.1\r\nHost: cheng288888.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.9\r\nAccept-Encoding: gzip, deflate, br, zstd\r\nSec-Fetch-Storage-Access: none\r\nSec-GPC: 1\r\nConnection: keep-alive\r\nReferer: https://go-yuyan.com.cn/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-07-05T19:00:52.27464Z","times_seen":17010185,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-07-05","alert":"Sinkholed","trigger":"cheng288888.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}}]}
